Home

Description

A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation.

PUBLISHED Reserved 2025-01-16 | Published 2025-07-08 | Updated 2025-07-08 | Assigner CERTVDE




HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-20 Improper Input Validation

Product status

Default status
unaffected

0.0.0 (semver) before 1.7.3
affected

Default status
unaffected

0.0.0 (semver) before 1.7.3
affected

Default status
unaffected

0.0.0 (semver) before 1.7.3
affected

Default status
unaffected

0.0.0 (semver) before 1.7.3
affected

Credits

Jesson Soto Ventura finder

Matthew Waddell finder

References

certvde.com/de/advisories/VDE-2025-014

cve.org (CVE-2025-24005)

nvd.nist.gov (CVE-2025-24005)

Download JSON